Peiter Muddy Zatko, the former chief of security, testified before the United States Senate, accusing the company of failing to safeguard user data and denying involvement in the breaches himself.
He began his testimony by stating, I’m here today because the Twitter address is misleading people, he told the Judicial Committee of the Senate’s upper chamber.
Having served as a Twitter security leader from November 2020 until January of this year, he claimed the platform struggled to protect information because it did not know how much data it possessed, where it originated, or how it was used.
He added that employees had excessive access to sensitive information and too many critical systems for a single organization to manage securely.
An internal risk, he warned, is that an individual within the company could potentially take control of the accounts of every senator present in the room during a session.
Zatko said he raised concerns about security flaws repeatedly with the company’s leadership; when those warnings went unheeded, he chose to go public.
He warned that Twitter’s vulnerabilities pose risks to national security, threaten user privacy and safety, and could even imperil the company’s future prospects.
Significant cybersecurity concerns
Zatko pressed Congress and multiple federal agencies to consider the gravity of cybersecurity issues at the social network last July.
According to a complaint reviewed by The Washington Post and CNN, the platform allowed too many employees to access central controls, raising alarms about control and oversight.
The filing suggested that some workers had links to foreign intelligence services and accused company executives of misrepresenting security shortcomings to regulators.
He also alleged that Twitter failed to properly delete data for users who canceled their accounts, sometimes losing track of account activity and the number of automated accounts on the platform due to resource constraints or insufficient tracking practices.
The dispute over bot activity has drawn attention in the legal proceedings surrounding the company and its attempted acquisition by a high-profile entrepreneur, with critics arguing the number of fake accounts was misrepresented.
Twitter stated that CEO Parag Agrawal declined to appear before the Senate Committee. Zatko, meanwhile, maintains that his departure stemmed from leadership failures and performance concerns rather than any misconduct.